function compute_heritated_auth($category_id, $bit, $mode) { $ids = array_reverse($this->build_parents_id_list($category_id, ADD_THIS_CATEGORY_IN_LIST)); $length = count($ids); $result = array(); if (count($ids) > 0) { $result = $this->cache_var[$ids[0]]['auth']; for ($i = 1; $i < $length; $i++) { $result = Authorizations::merge_auth($result, $this->cache_var[$ids[$i]]['auth'], $bit, $mode); } } return $result; }
$Sql->query_inject("INSERT INTO " . PREFIX . "media (idcat, iduser, timestamp, name, contents, url, mime_type, infos, width, height, users_note) VALUES ('" . $media['idcat'] . "', '" . $User->Get_attribute('user_id') . "', '" . time() . "', '" . $media['name'] . "', '" . strparse($media['contents']) . "', '" . $media['url'] . "', '" . $media['mime_type'] . "', " . "'" . ($User->check_auth($auth_cat, MEDIA_AUTH_WRITE) ? MEDIA_STATUS_APROBED : 0) . "', '" . $media['width'] . "', '" . $media['height'] . "', '')", __LINE__, __FILE__); $new_id_media = $Sql->insert_id("SELECT MAX(id) FROM " . PREFIX . "media"); $media_categories->recount_media_per_cat($media['idcat']); import('content/syndication/feed'); Feed::clear_cache('media'); if (!$auth_write) { import('events/contribution'); import('events/contribution_service'); $media_contribution = new Contribution(); $media_contribution->set_id_in_module($new_id_media); $media_contribution->set_description(stripslashes($media['counterpart'])); $media_contribution->set_entitled(stripslashes(sprintf($MEDIA_LANG['contribution_entitled'], $media['name']))); $media_contribution->set_fixing_url('/media/media_action.php?edit=' . $new_id_media); $media_contribution->set_poster_id($User->get_attribute('user_id')); $media_contribution->set_module('media'); $media_contribution->set_auth(Authorizations::capture_and_shift_bit_auth(Authorizations::merge_auth($MEDIA_CATS[0]['auth'], $media_categories->compute_heritated_auth($media['idcat'], MEDIA_AUTH_WRITE, AUTH_CHILD_PRIORITY), MEDIA_AUTH_WRITE, AUTH_CHILD_PRIORITY), MEDIA_AUTH_WRITE, CONTRIBUTION_AUTH_BIT)); ContributionService::save_contribution($media_contribution); redirect(HOST . DIR . '/media/contribution.php?cat=' . $media['idcat']); } else { redirect_confirm('media' . url('.php?id=' . $new_id_media), $MEDIA_LANG['add_success'], TIME_REDIRECT); } } else { $Errorh->handler('e_auth', E_USER_REDIRECT); exit; } } else { $Errorh->handler('e_auth', E_USER_REDIRECT); exit; } $Template->pparse('media_action'); require_once '../kernel/footer.php';
/** * @desc Computes the global authorization level of the whole parent categories. The result corresponds to all the category's parents merged. * @param int $id_category Id of the category for which you want to know what is the global authorization * @param int $bit The autorization bit you want to check * @param int $mode Merge mode. If it corresponds to a read autorization, use Authorizations::AUTH_PARENT_PRIORITY which will disallow for example all the subcategories of a category to which you can't access, or Authorizations::AUTH_CHILD_PRIORITY if you want to work in write mode, each child will be able to redifine the authorization. * @return mixed[] The merged array that you can use only for the bit $bit. */ public function get_heritated_authorizations($id_category, $bit, $mode) { $categories = array_reverse($this->get_parents($id_category, true)); $result = $this->categories_cache->get_root_category()->get_authorizations(); if (!empty($categories)) { foreach ($categories as $category) { if ($category->get_id() !== Category::ROOT_CATEGORY) { $result = Authorizations::merge_auth($result, $category->get_authorizations(), $bit, $mode); } } } return $result; }
} import('util/url'); $file_relative_url = new Url($file_url); $Sql->query_inject("INSERT INTO " . PREFIX . "download (title, idcat, url, size, count, force_download, contents, short_contents, image, timestamp, release_timestamp, start, end, visible, approved, users_note) " . "VALUES ('" . $file_title . "', '" . $file_cat_id . "', '" . $file_relative_url->relative() . "', '" . $file_size . "', '" . $file_hits . "', '" . ($file_download_method == 'force_download' ? DOWNLOAD_FORCE_DL : DOWNLOAD_REDIRECT) . "', '" . strparse($file_contents) . "', '" . strparse($file_short_contents) . "', '" . $file_image . "', '" . $file_creation_date->get_timestamp() . "', '" . ($ignore_release_date ? 0 : $file_release_date->get_timestamp()) . "', '" . $start_timestamp . "', '" . $end_timestamp . "', '" . $visible . "', '" . (int) $auth_write . "', '')", __LINE__, __FILE__); $new_id_file = $Sql->insert_id("SELECT MAX(id) FROM " . PREFIX . "download"); if (!$auth_write) { import('events/contribution'); import('events/contribution_service'); $download_contribution = new Contribution(); $download_contribution->set_id_in_module($new_id_file); $download_contribution->set_description(stripslashes($contribution_counterpart)); $download_contribution->set_entitled(sprintf($DOWNLOAD_LANG['contribution_entitled'], $file_title)); $download_contribution->set_fixing_url('/download/management.php?edit=' . $new_id_file); $download_contribution->set_poster_id($User->get_attribute('user_id')); $download_contribution->set_module('download'); $download_contribution->set_auth(Authorizations::capture_and_shift_bit_auth(Authorizations::merge_auth($CONFIG_DOWNLOAD['global_auth'], $download_categories->compute_heritated_auth($file_cat_id, DOWNLOAD_WRITE_CAT_AUTH_BIT, AUTH_CHILD_PRIORITY), DOWNLOAD_WRITE_CAT_AUTH_BIT, AUTH_CHILD_PRIORITY), DOWNLOAD_WRITE_CAT_AUTH_BIT, CONTRIBUTION_AUTH_BIT)); ContributionService::save_contribution($download_contribution); redirect(HOST . DIR . '/download/contribution.php'); } $download_categories->Recount_sub_files(); import('content/syndication/feed'); Feed::clear_cache('download'); redirect(HOST . DIR . '/download/' . url('download.php?id=' . $new_id_file, 'download-' . $new_id_file . '+' . url_encode_rewrite($file_title) . '.php')); } else { redirect(HOST . DIR . '/download/' . url('download.php')); } } elseif ($preview) { $contribution_counterpart_source = strprotect(retrieve(POST, 'counterpart', '', TSTRING_AS_RECEIVED), HTML_PROTECT, ADDSLASHES_NONE); $begining_calendar = new MiniCalendar('begining_date'); $begining_calendar->set_date($begining_date); $end_calendar = new MiniCalendar('end_date');